[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Nomination question: Redhat

On Sat, Dec 12, 1998 at 03:36:59PM +0000, Adrian Bridgett wrote:
> So - what do the nominees think about Redhat? 

They're another dist.  (Obviously.)  Being that they're another free
software dist, they aren't our enemies.  I'm concerned however that many
people have said Redhat is not in favor of GPL libraries because people
cannot freely make proprietary code with them.  Are they selling out?  A
lot of people think so, I have not passed judgement.  As long as their
primary interests help the community and indirectly us as a result, I'm
all for supporting Redhat as an alternative to Debian.

I don't use it however.  Two releases in a row they have released
programs suid root which should NOT be suid root.  This shows their
development strategy is build it first and fast, then secure it.  This is
bad and I can't safely rely on that sort of development to be secure.  I
hope they opt to develop with security in mind first in the future.  I am
also not afraid to tell people why I don't use it as I have just done. 
In an open security model, the best way to get a problem fixed is to make
the problem well known.

I wouldn't mind a machine running Redhat sitting along my primary Debian
based machine provided the thing was behind a firewall, just in case. 
Consequently, this is the same requirement I'd have for a windoze box to
be connected to the network, that it be firewalled from the outside
world.  Obviously, I wish they would adopt a more open development model
which has the system as secure as it can be throughout their development. 
THey seem to be moving toward this goal and I will support them in doing

> How can we work better with them?

Besides the above and the LSB project, I think we can and should work and
coordinate with with the people at Redhat in areas such as Linux and Free
Software advocacy.  (Note I am hesitant to use the Open Source service
mark until the SPI/OSI issues are resolved and that done any changes made
to the Open Source definition--I don't like to use the term because I'm
not sure it'll mean when this is done what it means today)  Other issues

Another thing I think Redhat and Debian could do together that the LSB
has (fortunately) opted not to address at this time are our package
managers.  The idea that they are so close and yet so far is unmistakable
once you check out Joey Hess's comparison of package formats.  My goal in
this case is not necessarily to create a package manager used by both
distributions--frankly Redhat is not willing to move from rpm and it
seems most of Debian doesn't want to give up dpkg either.  But if both
are extended in ways that make their more feature-rich, they could become

I don't suggest we adopt use of file dependancies in place of package
dependancies personally.  That's the one thing they have and we don't
that I personally don't think we should have.  Dependancy on files is a
gross mis-feature designed to be compatible with installing both tarballs
and packages it seems.  The idea is somewhat harmful to Debian's policy
and without the policy what would Debian be?  I believe the contents file
might serve to emulate this transparently, unless of course somebody has
a better idea.

I also believe we could and should work with Redhat with big projects
such as a sane installation and configuration for X.  Redhat has a config
program already that's great when it works.  When it doesn't, well, like
many high level config tools in their dist, when it doesn't work you have
to do everything the hard way.  At least there is XF86Setup which can be
easy if you have a mouse on /dev/mouse which happens to be Microsoft
mode, etc.  And if your monitor and video card are listed that helps too. 
Almost certainly you'll be tweaking monitor settings and modelines by
hand though.

I've already stated my position on high level tools.  I can describe in
more detail my thoughts on a project like a new configuration for X but
that's really a technical issue suited for someone who's going to code
such an animal.  Provided nobody else has by the time I learn enough C to
start writing it, I probably will.

> How to grow market numbers like Redhat has?

I don't know if that's possible without a marketting budget.  However I'm
sure we can give them a run for their money.  We already have a product
many ways better than theirs and we're not just going to sit here and let
them catch up to us are we?  In the end they're still on our side and we
should work with them instead of against them, however I have no
objection to deliberately leaving them in our dust if they don't want to
keep up with us.

> Adrian (who has concerns about Redhat but likes them all the same)

Concern is important considering, but group paranoia will get us nowhere
fast.  Individual paranoia may be appropriate at some point, but what
that point is I shall leave as an exercise for the reader.  =>

"You're despicable."  -- Daffy Duck

Attachment: pgpzoO6Ox4dy7.pgp
Description: PGP signature

Reply to: